﻿using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Options;

namespace YiShop.Framework.Authorization
{
    /// <summary>
    /// 授权策略提供器
    /// </summary>
    public class AppAuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
    {
        public AppAuthorizationPolicyProvider(IOptions<AuthorizationOptions> options) : base(options)
        {
        }
        public override async Task<AuthorizationPolicy?> GetPolicyAsync(string policyName)
        {
            // 先尝试获取默认策略
            var policy = await base.GetPolicyAsync(policyName);
            if (policy != null)
                return policy;

            // 动态创建策略：要求用户拥有特定权限（Claim）
            var policyBuilder = new AuthorizationPolicyBuilder();
            policyBuilder.AddRequirements(new PermissionRequirement(policyName));
            return policyBuilder.Build();
        }
    }
}